Plus, the Enterprise Reporter Suite includes Security Explorer, so you can quickly take action from within the Enterprise Reporter user interface to remove any inappropriate permissions. Security Explorer provides an array of additional security features, such as the ability to quickly grant, revoke, clone, modify and overwrite permissions from a central location. This combination of reporting and remediation facilitates security and compliance, enabling you to stay ahead of security vulnerabilities to prevent breaches.

Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.

Pre- and post-migration analyses

Ensure a smooth domain or tenant migration or consolidation project by pinpointing user and group dependencies, object matches and potential conflicts, and unused or disabled accounts before the migration starts.

Change review

Capacity planning

Report on and manage storage capacity planning and allocation on a variety of devices, including Windows file servers, network attached storage (NAS) and storage area networks (SANs).

Scalable data collection

Scale to environments of any size and geographic distribution. Schedule collections during off-peak hours to minimize the impact of data collection on network and server performance, and leverage the distributed collection architecture for load balancing.

Efficient storage

Reduce database storage requirements and save more change history data by comparing discoveries and storing only the changes.

Automated reporting workflows

Ensure stakeholders get the reports they need, when they need them, with automated report generation and flexible scheduling of report delivery.

Separation of duties (SoD)

Honor departmental and business function boundaries by enabling auditors, help desk staff, IT managers and other stakeholders to get exactly the reports they need and nothing more.

Common reporting portal

Security Explorer Features

Centralized permissions management

Make targeted or bulk changes to servers with the ability to grant, revoke or modify permissions. View and manage group membership settings directly in the access control list for a resource. Overcome access-denied errors by forcing permissions onto protected objects.

Enterprise–wide rights review

Eliminate the need to manually search each server for permissions. Search for inherited or explicit permissions on file servers, Exchange server, SQL Server and SharePoint. Even search for permissions to services, tasks, users and groups.

Advanced security and permissions

Quickly back up permissions to take a baseline of your access controls, and revert to that baseline at any time to easily recover from accidental or malicious changes without having to restore data. Improve security and ensure that compliance requirements are enforced.

Complete reporting

Export a database or spreadsheet listing the permissions on items anywhere in the directory tree. Filter the results to show only permissions that differ from the parent folder. Perform targeted searches for all locations that a particular group or user has access to across the network and export this data to create ad-hoc security reports.

Intuitive access controls

Security Explorer can back up and restore security settings to an alternate location, so you can be sure that appropriate access is in place on the new servers.

Tour

Complete platform reporting

Get comprehensive reporting on multiple Microsoft platforms in one console

Enterprise Reporter can be configured to send discovery information to the following versions of IT Security Search. See the IT Security Search web site for the hardware and software requirements for your version of IT Security Search.

The following versions of SQL Server® are supported for the Enterprise Reporter database. See the Microsoft® web site for the hardware and software requirements for your version of SQL Server®:

SQL Server® 2016

SQL Server® 2014

SQL Server® 2012

SQL Server® 2008 R2

SQL Server® 2008 with Service Pack 2

SQL clusters and database mirroring are supported for your deployment, including

SQL Server® 2016 Always On

SQL Server® 2014 Always On

SQL Server® 2012 Always On

Using SQL Server Certificates

SSL Encryption of SQL Server Connections using Certificates

Enterprise Reporter can be configured to work with a SQL Server® instance. To secure communications while working with Enterprise Reporter, data sent over connections to the SQL Server can be encrypted using an SSL certificate.

The steps required to configure this encryption are as follows.

Using the Microsoft Management Console (MMC):

install the Certificates snap-in for the SQL Server® host computer

import the certificate to the SQL Server® host computer

Using SQL Server Configuration manager:

configure the SQL Server® to use the certificate

configure the SQL Server® to force encryption

Restart the SQL Server® host computer

Import the certificate to all Enterprise Reporter computers that will need to communicate with the SQL Server®, such as:

To collect Active Roles information, the following software is required on the computer where the Enterprise Reporter Configuration Manager is installed and on the computer where the Enterprise Reporter node is installed:

ADSI Provider (the version must match the Active Roles version)

For more information and installation instructions, see the Active Roles Quick Start Guide.
The following additional considerations are required:

There must be a trust between the Enterprise Reporter domain and the Active Roles domain.

The credentials used for the Active Roles discovery must have access to the Active Roles domain.

Exchange Required Software

To collect Exchange® 2007 information, the following additional considerations are required:

Exchange® 2007 Management Tools must be installed on the computer where the Enterprise Reporter node is installed and must be in the same forest as the 2007 Exchange Organization.

It is highly recommended to put the computer where the Enterprise Reporter node is installed within the target Exchange® 2007 domain.

Resources

Enterprise Reporter can help you improve your security posture. This tech brief describes the top 10 AD security reports you should run on a regular basis to reduce your attack surface and thwart attackers.

A move to the cloud requires Azure AD and Azure AD requires a modernized, on-premises AD. Failing this modernization, the complexities of integrating into Azure AD grow and the benefits of Office 365 shrink.

In this new report from the Information Security Community on LinkedIn, you will learn how your peers are approaching cybersecurity in the era of cloud, including the latest trends and benchmarks to gauge how your own organization stacks up.